In this tutorial, I will be installing and configuring snare agent on hosts for monitoring them with OSSIM Open-source SIEM. Let’s get started… – Download Snare Client edition from: sourceforge.net/projects/snare/ – Enable Snare Plugin on OSSIM Server by Installing Snare Agent on Windows Client: – Current latest file Downloaded is “SnareForWindows-4.0.2.0-MultiArchOpenSource.exe” …
Read More »Configuring Nagios on Client for OSSIM
In this tutorial, I am going to install Nagios on Windows and Linux Hosts to monitor them with AlienVault OSSIM SIEM for 24 x 7 Availability check. Configuring Nagios on Client for OSSIM: 1- Install latest version of: – NSClient++ on windows hosts. Download from: nsclient.org/nscp/downloads . – NRPE …
Read More »Configuring OSSEC Clients with OSSIM
Adding OSSEC Agents for Vulnerability and Files Integrity Scanning: In this tutorial I’ll be installing OSSEC agents on Windows and Linux Client machines to be monitored by OSSIM SIEM. For configuring OSSEC clients with OSSIM, we need OSSEC agent be downloaded and installed on hosts, but first, we’ll enable/activate OSSEC …
Read More »Installing and Configuring AlienVault OSSIM OpenSource SIEM
In this tutorial, I’ll be installing and configuring AlienVault OSSIM OpenSource SIEM. Its current latest version is 4.14.0. I have downloaded its ISO image from alienvault official website, you may download AlienVault OSSIM from following given official link: Installation of AlienVault OSSIM: AlienVault OSSIM Download: https://www.alienvault.com/open-threat-exchange/projects Now, I’ll …
Read More »Configuring BIND DNS Server on pfSense Firewall
In this tutorial, I’ll be configuring BIND DNS Server on pfSense Firewall for Domains Names Lookup for internal as well as external network. 1- First of all, install BIND package from pfSense provided packages at: “System” Menu > “Packages” > “Available Packages” > Search for “BIND” Click on button …
Read More »ld-linux.so.2 bad ELF interpreter: No such file or directory
When I used “check_dig” plugin to monitor DNS Resolution on TMG Gateway server using NSClient++, I faced following error: Solution: To resolve this issue, first lets check what will provided ld-linux.so.2 file: Result on CentOS 7 64bit is: Let’s install required Addon: I’ve installed this as installing “glibc-2.17-55.el7.i686” gave …
Read More »How to monitor Windows Host by Nagios Core
This is the time to add and monitor Windows host by Nagios Core NMS. We need NSClient++ addon to be downloaded and installed on Windows host that is required to be monitored. Download NSClient++: http://nsclient.org/stable/ – Install it, give NMS Server’s IP and Password when asked during setup. – Finish …
Read More »How to monitor Linux host by Nagios Core
In this tutorial, I will demonstrate how to monitor Linux host by Nagios Core NMS. I’ll be adding CentOS client host. Installing NRPE (on Client Host): Now, we’ll install NRPE on client host to let its services be checked and monitored by NMS Server. Installing Required Deps: Download & Installing …
Read More »Installing PNP4Nagios for Nagios on CentOS
In this tutorial, I’ll be installing PNP4Nagios for Nagios to draw graphs on Nagios NMS Server’s Web UI. Download PNP4Nagios: http://downloads.sourceforge.net/project/pnp4nagios/ Installing Required Dependencies: Extract & Install PNP4Nagios: Edit Nagios.cfg, enable “process_performance_data” and add following lines at last: Edit commands.cfg and add following lines at last: …
Read More »Installing Nagios Core on CentOS
Installing Nagios Core on CentOS 5 / 6 & 7 In this tutrial I will install Nagios Core (one of the most powerful and opensource NMS) with Nagios Plugins and NRPE on CentOS version 7, steps for CentOS 5 & 6 also included. Tools / Addons used in this tutorial: …
Read More »